To assist organizations, particularly those in the critical infrastructure sectors, prioritize cybersecurity investments and address critical risks, the DHS has announced Cybersecurity Performance Goals (CPGs).
Using input from partners in the public and private sectors, the DHS’s Cybersecurity and Infrastructure Security Agency (CISA) and NIST developed the CPGs. The DHS claims that the goals are distinctive in that they address risk not only to individual entities but also the overall risk to the country.
They are the result of the White House’s efforts to strengthen the US’s cybersecurity. CPG categories include supply chain / third party, response and recovery, governance and training, account security, device security, data security, and response and recovery.